Casbin.js is the frontend library for Casbin, which facilitates the manipulation, management and storage of the user permission in a frontend application.
We demonstrate the usage of Casbin.js with a React app. View the code to see more details.
You can use manual mode in Casbin.js, and set the permission whenever you wish.
const casbinjs = require('casbin.js'); // Set the user's permission: // He/She can read 2 objects: data1 and data2 // Can write 1 objects: data1 const permission = { "read": ['data1', 'data2'], "write": ['data1'] } // Run casbin.js in manual mode, which requires you to set the permission manually. const authorizer = new casbinjs.Authorizer("manual"); authorizer.setPermission(permission); authorizer.can("read", "data1").then(result => { console.log(result) }) authorizer.cannot("write", "data2").then(result => { console.log(result) });
You can also use the auto mode. In details, specify a casbin backend service endpoint when initializing the Casbin.js authorizer, and set the subject when the frontend user identity changes. Casbin.js will automatically fetch the permission from the endpoint. (A pre-configurated casbin service API is required at the backend.)
const casbinjs = require('casbin.js'); // Set your backend casbin service url const authorizer = new casbinjs.Authorizer('auto', {endpoint: 'http://Domain_name/casbin/api'}); // When the identity shifts, reset the user. Casbin.js will automatically fetch the permission from the endpoint. await authorizer.setUser("Tom"); // Evaluate the permission authorizer.can("read", "data1").then();
More functionalities of Casbin.js are still under development. Feel free to raise issues to share your features suggestions!
